Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/mjqFl3w3ouEDj8RARZJbq049cV8.roa
File: mjqFl3w3ouEDj8RARZJbq049cV8.roa (raw, json)
Hash identifier: 9ww/img1HcjkkS7BkX1P5awk4EWqnn4P1ssq6FNWpkE=
Subject key identifier: 9A:3A:85:97:7C:37:A2:E1:03:8F:C4:40:45:92:5B:AB:4E:3D:71:5F
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 018220DB0E406D9433CF8994D8089F722979
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/mjqFl3w3ouEDj8RARZJbq049cV8.roa
Signing time: Thu 21 Jul 2022 13:03:23 +0000
ROA not before: Thu 21 Jul 2022 13:03:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.109.0/24 maxlen: 24
176.108.118.0/24 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/24 maxlen: 24
193.93.16.0/23 maxlen: 24
193.93.16.0/22 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
176.108.103.0/24 maxlen: 24
176.108.102.0/24 maxlen: 24
176.108.104.0/24 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:20:db:0e:40:6d:94:33:cf:89:94:d8:08:9f:72:29:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 21 13:03:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9a3a85977c37a2e1038fc44045925bab4e3d715f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c8:b8:3e:e1:b6:fd:8a:86:d8:b0:0f:ad:17:
f8:cb:01:00:89:15:6b:01:e6:c9:20:c7:e7:b3:39:
ea:9d:ce:32:53:af:ea:96:fa:78:4e:84:4f:0e:f1:
1b:e1:6e:94:88:69:9e:60:c1:47:39:46:d0:21:86:
e5:06:8f:bd:c4:e3:e6:5f:a3:7b:10:db:08:f8:0f:
0d:4f:5d:e4:f1:bd:24:5e:6e:e3:7d:04:c0:4a:6f:
78:17:27:ff:45:35:26:c3:47:66:4d:85:a9:2d:57:
bd:6a:b0:18:c7:4f:9b:cd:23:af:ce:23:33:d4:e4:
c4:a2:f5:b7:75:9f:07:6e:3a:c3:ed:0e:15:80:96:
ee:5d:cd:f0:ed:ab:68:eb:29:8a:52:1d:67:6b:59:
74:0f:6b:b7:d0:e9:d2:6c:18:62:de:ba:46:83:06:
90:c1:c1:01:7d:f1:e5:dd:86:73:aa:c9:cb:ad:a9:
6a:ac:1b:fc:b1:b7:70:fa:d1:e3:82:fa:80:56:6a:
fb:78:04:d4:36:a5:5d:10:7d:35:c4:f6:45:97:d9:
3e:61:ec:f1:f0:8e:11:41:7f:93:5b:2f:a2:bb:bf:
83:9b:71:de:2c:07:4e:56:e2:28:d0:d2:1c:e2:73:
4a:19:b7:f1:78:a0:d6:7b:a2:4e:e2:c6:4b:42:3d:
7a:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:3A:85:97:7C:37:A2:E1:03:8F:C4:40:45:92:5B:AB:4E:3D:71:5F
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/mjqFl3w3ouEDj8RARZJbq049cV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.102.0-176.108.104.255
176.108.109.0/24
176.108.118.0/23
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
09:f8:b0:fc:2e:ee:1c:c2:8b:7c:32:fd:c1:d0:94:56:cc:35:
3b:bb:b7:88:70:81:9e:d4:4b:f5:a2:9b:c9:d1:49:9f:f7:bd:
73:8b:92:0c:13:7f:68:93:3b:bd:c7:f7:a9:da:bb:24:c8:be:
00:26:60:70:c4:97:66:43:32:0e:b0:ba:88:8c:62:cc:9f:1e:
65:32:38:1c:34:ed:87:7b:95:55:b3:af:f5:eb:84:36:6a:23:
d4:c7:3f:25:10:ed:95:08:71:e8:42:1d:a4:63:8b:5f:38:66:
95:d7:10:cb:6b:d0:1f:54:c7:66:a9:cf:f8:f8:b5:cd:21:95:
13:83:96:ec:03:1b:0b:6e:fc:e3:de:94:e6:cc:ba:da:1b:b2:
57:6b:9a:32:6a:14:3c:4e:37:f5:28:ed:bd:e8:1d:e8:72:2f:
5c:06:02:78:e9:23:17:12:81:ff:51:44:31:82:1b:55:bf:5d:
17:e0:ad:59:6e:bc:de:6e:4f:db:8b:6d:af:93:47:f5:c9:93:
7b:ef:35:87:71:b8:e7:93:73:99:4a:e6:cc:ba:d0:b1:04:79:
e4:59:a1:87:f5:c6:65:4b:00:fa:50:aa:d8:93:c2:b4:65:d3:
c1:9a:64:6c:1f:5a:1a:40:fd:78:4f:0a:f8:da:74:87:e8:39:
f7:73:49:96
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYIg2w5AbZQzz4mU2Aifcil5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzIxMTMwMzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTNhODU5NzdjMzdhMmUxMDM4ZmM0NDA0NTkyNWJhYjRlM2Q3MTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsi4PuG2/YqG2LAPrRf4ywEAiRVr
AebJIMfnsznqnc4yU6/qlvp4ToRPDvEb4W6UiGmeYMFHOUbQIYblBo+9xOPmX6N7
ENsI+A8NT13k8b0kXm7jfQTASm94Fyf/RTUmw0dmTYWpLVe9arAYx0+bzSOvziMz
1OTEovW3dZ8HbjrD7Q4VgJbuXc3w7ato6ymKUh1na1l0D2u30OnSbBhi3rpGgwaQ
wcEBffHl3YZzqsnLralqrBv8sbdw+tHjgvqAVmr7eATUNqVdEH01xPZFl9k+Yezx
8I4RQX+TWy+iu7+Dm3HeLAdOVuIo0NIc4nNKGbfxeKDWe6JO4sZLQj161wIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFJo6hZd8N6LhA4/EQEWSW6tOPXFfMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEvbWpxRmwzdzNvdUVEajhSQVJaSmJxMDQ5Y1Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAmBAIAATAgMAwDBAGwbGYD
BACwbGgDBACwbG0DBAGwbHYDBALBXRAwDwQCAAIwCQMHACABBngEaDANBgkqhkiG
9w0BAQsFAAOCAQEACfiw/C7uHMKLfDL9wdCUVsw1O7u3iHCBntRL9aKbydFJn/e9
c4uSDBN/aJM7vcf3qdq7JMi+ACZgcMSXZkMyDrC6iIxizJ8eZTI4HDTth3uVVbOv
9euENmoj1Mc/JRDtlQhx6EIdpGOLXzhmldcQy2vQH1THZqnP+Pi1zSGVE4OW7AMb
C278496U5sy62huyV2uaMmoUPE439Sjtvegd6HIvXAYCeOkjFxKB/1FEMYIbVb9d
F+CtWW683m5P24ttr5NH9cmTe+81h3G455NzmUrmzLrQsQR55Fmhh/XGZUsA+lCq
2JPCtGXTwZpkbB9aGkD9eE8K+Np0h+g593NJlg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:45:54 2024 by rpki-client on console-ams.rpki-client.org